Microsoft executives had their emails hacked, with the company saying the attack was carried out by a Russian intelligence group. Al Lakhani, CEO of IDEE commented on the breach.
“When even tech behemoths like Microsoft cannot protect themselves against as common a threat as password spraying, how can their customers trust in their cyber solutions? Or, for that matter, in Microsoft’s ability to keep their systems and data safe?
“The story highlights the same old issues; if you continue to rely on the centralised storage of credentials, and focus on detection rather than prevention, then you’re a sitting duck.
“Organisations must deploy authentication methods that can prevent ALL cyber attacks, including password spraying and other password-based attacks, credential phishing and adversary-in-the-middle attacks that leverage ‘credentials’ as the initial access vector. This means investing in solutions that are founded on strong digital identity proofing and transitive trust, in turn allowing businesses to improve their security and productivity with the least amount of time and resources.
“The only thing we can hope is that high-profile breaches like this shock businesses into action.”
Read more exclusives and news in our latest issue here.